CVE-2013-6480

Libcloud 0.12.3 through 0.13.2 does not set the scrub_data parameter for the destroy DigitalOcean API, which allows local users to obtain sensitive information by leveraging a new VM.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apache:libcloud:0.12.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:libcloud:0.12.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:libcloud:0.13.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:libcloud:0.13.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:libcloud:0.13.2:*:*:*:*:*:*:*

Information

Published : 2014-01-07 10:55

Updated : 2018-10-09 12:34


NVD link : CVE-2013-6480

Mitre link : CVE-2013-6480


JSON object : View

CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

Advertisement

dedicated server usa

Products Affected

apache

  • libcloud